Main navigation

How Android Pay Works and Why You Should Consider Using It

Have you ever spent what seems like an eternity foraging through your purse or backpack looking for you credit card?

You can sense the growing line of people behind you becoming increasingly impatient the same way they get when someone is writing a check.

Sometimes it feels like an excavation is needed just to find what you’re looking for.

Enter Android Pay, where none of that is necessary. As long as you are dealing with a compatible Point-Of-Sale system with NFC (Near Field Communication) – which are becoming more common – all that is needed is a simple tap.

But if you didn’t completely understand the previous sentence, you aren’t alone. We are here to explain the how behind Android Pay. It’s also natural (and smart) to question the security of any new payment method, so we will discuss that as well. Wondering about setup or the difference between Android Pay, Google Wallet, or Samsung Pay? We explain that too, along with the downsides to Android Pay.

What is Android Pay?

Android Pay can serve as your all-encompassing and contactless payment solution. You won’t need for your device to touch any reader but there is a caveat. You can add all of your credit or debit cards, they just need to be supported. Once you are all setup, you will fly through checkout without ever opening an app.

Speaking of apps, you need never have to enter all of your payment and address information for in-app purchases again. Any loyalty points or special offers will be applied without you having to even think about it.

Does any of this seem familiar though? Like Google tried this before?

You might be thinking… whatever happened to Google Wallet?

Actually, Google Wallet is still around, but now it functions more like PayPal. Android Pay is an offshoot of the mobile payment role of Google Wallet, and so far, has gained much more popularity.

Samsung Pay

If you own a Samsung you have the option of Samsung Pay and can have both apps simultaneously on your device, but what’s the difference?

Samsung Pay can actually be used almost anywhere you can use your credit or debit card, whereas Android Pay and Apple Pay both rely on the store’s provision of a special reader. We say almost anywhere because Samsung Pay is unlikely to work at an ATM or at a sit-down restaurant where the waiter takes your card. Also, the number of cards and banks Samsung Pay supports is far smaller than Android Pay.

Actually, since Android Pay’s weakness can be the availability of compatible readers and Samsung Pay’s downside is a lack of payment options; it might not hurt to have both apps on your device, provided that your device is a supported Samsung.

So How Does Android Pay Actually Work?

Android Pay is actually safer than a traditional credit card. One big reason why is that it conducts business with a virtual account number that represents your account details so that your credit or debit card number can’t be intercepted and copied. The number used is randomly generated within Google’s servers and not your device, making them tough to steal and crack. Also, you should automatically receive a payment confirmation that contains where the payment occurred, the name of the business, and phone number so that you can track anything shady.

Android Pay uses NFC, so what happens if your smartphone gets too close to a transaction that isn’t yours?

The two devices (your phone and the reader) would have to be within two inches of each other, your phone first has to be unlocked, and you still need a PIN, password, or pattern to authorize the transaction. This makes an accidental or unauthorized purchase or far more unlikely. If you lose your device, you can use Android Device Manager to lock down your phone, perform a wipe, and/or assign a new password. You won’t have to cancel all of your cards.

Android Pay is now accepted at more than one million stores in the U.S, and that number is growing, but it isn’t available worldwide just yet. For the Android Pay app to work, your device must be NFC-enabled and run at least KitKat 4.4 (which is close to about 70% of devices).

Remember when we talked about Google’s servers being required to produce the hard-to-steal and use dummy number in lieu of your real credit or debit card number? Does this mean an Internet outage will render the service useless?

Not necessarily—up to a point. Some of the numbers, called tokens, are stored on the device in limited quantities as backups; but don’t ask where or how because it’s a secret.

Security Tips

If you are still feeling wary of using your Android to make payments, keep in mind that in addition to the token used to protect your credit or debit card information, there are other safety measures involved. You will be required to set a screen lock if you don’t have one already. This isn’t a bad idea even if you never use Android Pay.

To set up a screen lock with a PIN, password, or pattern, go to Settings>Security>Screen Security>Screen Lock. This helps to prevent others from accessing the contents of your phone and making unauthorized purchases.

Do not save passwords or PINs on your device or where others can discover them. Encrypting your device can make it nearly impossible for someone who steals your phone to decipher your data. Lock each individual app that contains sensitive data using an app such as CM Security or AppLock. You can also set up two-step verification through your Google account by using a web browser to go to My Account>Sign-In and Security>Signing into Google>2-Step Verification.

Is all of this overkill? Maybe. After all, Android Pay is honestly more secure than carrying around your credit card. But some of these things are essential and required.

The lock screen is required. An additional PIN, password, or pattern is also mandatory to authenticate the transaction itself. Can someone crack one of those passwords, PINs, or patterns? Unfortunately, yes.

The easiest way is to study the smudges left by the fingerprint oils on your touchscreen. That’s why encryption is also not a bad idea. A fingerprint scan is a better option for authentication, but many phones don’t yet offer it.

To prevent smudge attacks, it’s probably not a bad idea to have overlapping PINs, passwords, or patterns that double back on themselves. A smudge attacker would have to try to hold your phone up to the light and figure out both of the PINs, patterns, or passwords to complete an entire transaction using Android Pay, which seems a bit unlikely.

CM Security

AppLock

Set Up Android Pay

Setup is actually quite easy. On some newer phones, the app comes preloaded. If you don’t own such a phone you can download the app below or on Google Play. Android Pay does not provide support for rooted devices or those with Samsung My Knox enabled, unfortunately.

Open the app on your device and add your cards. If you already have a card stored on your Google account, all you need to do is tap the card to associate it with Android pay and confirm details such as the security code on the back of the card. You will have to have a lock screen set up in order to add a card. To add a new card, you can simply snap its picture.

Once you are done adding your payment information you are ready to start making new purchases. Anytime you see the symbol with the Android robot at checkout, that’s your cue it’s accepted. In fact, if you see the Apple Pay symbol, odds are that Android Pay is going to work there too. Many retailers have been slow to adopt this type of payment process, but it’s becoming more ubiquitous.

Android Pay

The Future of Android Pay and Mobile Payments

Soon an update may be available that will allow you to see a map of nearby locations that will accept Android Pay. Android will probably try to continue expanding by offering more rewards and discounts for in-app purchases to help mitigate the slow adoption by some brick and mortar merchants.

Google has definitely started to lay the groundwork and develop partnerships with many banks, retailers, payment networks, processors, terminal vendors, and app developers already, and will continue to do so. If you are a Google Wallet card devotee, you were probably disappointed to find that card retired on June 30, 2016. Think that’s Google’s way of hinting that it really wants you to use Android Pay?

Conclusion

Mobile payments are probably in the future for most of us. When that happens depends on how ingrained our tangible plastic card habits are. Google would like to speed that up, of course, but first, it has to convince both merchants and consumers that this is a superior payment method and to change what is a lifelong behavior for most. We will probably start to see even more devices that support mobile payments, such as smartwatches.

If you already use Android Pay, what are your impressions? What security do you use? Have you had any problems? Send us your thoughts on all of these topics.